sshd2 logs to the facility specified with the configuration option SysLogFacility. If the option is not set, sshd2 logs to the AUTH facility.

For example, if you want sshd2 to log to the LOCAL1 facility, you need to add the following setting to your server's configuration (/opt/tectia/etc/sshd2_config):

SysLogFacility      LOCAL1

You also need to modify syslog's configuration, so it knows where to put the log messages.

In /etc/syslog.conf (or equivalent):

local1.info         /var/log/sshd2

On some systems, this file may need to exist before syslog will write to it, so you may need to create it:

# touch /var/log/sshd2

If syslog accesses files with a non-root UID, for example logger, you need to change the ownership of the file to that user.

Remember to restart both sshd2 and syslogd after making changes to their configuration files.

The following log facilities are available for SysLogFacility: